1. Field of the Invention
The present invention generally relates to integrated circuits and more specifically to circuits comprising an interface of JTAG type.
The present invention more specifically applies to integrated circuits intended to contain one or several digital quantities to be protected against an access from the outside, especially keys used in ciphered or signed exchanges by means of cryptography algorithms.
2. Discussion of the Related Art
FIG. 1 is a schematic block diagram of an example of an integrated circuit 1 with a microcontroller of the type to which the present invention applies. This circuit comprises a JTAG interface (Joint Test Action Group), the architecture of which is defined by a standard IEEE 1149 (Standard Test Access Port and Boundary-Scan Architecture). This standard defines a series protocol with five terminals for accessing to and controlling signal levels on the input/output terminals of a digital circuit. In the example shown in FIG. 1, circuit 11 to be tested (CORE) communicates with the outside through three input/output terminals 12, 13, and 14. For simplification, the case of three terminals 12 to 14 is considered, but the microcontroller may comprise many other accesses.
The general structure of the JTAG interface comprises elements 15 and 16 for branching the signals between input/output terminals 12, 13, and 14 and circuit 11 to be tested to branch the signals present on the input/output terminals either to circuit 11, or to a third element 17 of the JTAG interface (JTAG IF) especially comprising logic test circuits. Circuit 17 communicates with the outside of circuit 1 by means of five terminals carrying signals TDI, TCK, TRIS, TRST, and TDO of the JTAG protocol. Signals TDI, TCK, TRIS, and TRST correspond to respective inputs of data reception (TDI), of a clock signal (TCK), of a signal (TRIS) of mode selection between the test mode and the normal operation mode, and of a reset signal (TRST). The fifth signal (TDO) corresponds to an output towards an external tool of interpretation of the performed test.
By default, circuit 1 is in a normal operation in which deviation elements 15 and 16 are inoperative, core 11 of circuit 1 then communicating with input/output terminals 12 to 14. In test phase, by the activation of circuit 17, signal branching circuits 15 and 16 enable redirecting either signals present at the input of terminals 12 to 14, or signals present at the output of the terminals of circuit 11, towards circuit 17 for outputting through terminal TDO and interpretation by the test tools (not shown).
The operation of a JTAG interface is known by the above-indicated standard and an example of the circuit of FIG. 1 is discussed in article “Brief Introduction to the JTAG Boundary Scan Interface” by Nick Patavalis, published on Nov. 8, 2001 on Internet page http://www.inaccessnetworks.com/ian/projects/ianjtag/jtag-inro/jtag-intro.html.
A problem linked to the use of a JTAG interface is that it forms an element likely to have access to digital quantities contained in microcontroller 11 which would be desired to be preserved from an access from the outside. These quantities for example are ciphering, authentication keys, etc. which are considered as secret and having to remain within the circuit. The JTAG interface of a microcontroller may indeed enable a person attempting to fraud to have access to such information, be they contained in the actual integrated circuit (in the microcontroller) or in a secure memory external thereto and with which it communicates over a bus.
FIG. 2 is a functional representation of an example of a microcontroller 1 equipped with a JTAG interface 17′. To simplify the representation of FIG. 2, the branching elements (15 and 16, FIG. 1) have not been illustrated. Circuit 1 forms a microcontroller for example comprising a central processing unit 21 (CPU), a non-volatile memory 22 (ROM), for example, of read-only memory type, a RAM 23 (MEM) for the execution of the programs, and a cryptographic function 24 (CRYPTO-FCT). Function 24 generally is a program or a circuit (cryptoprocessor) handling quantities considered as having to remain secret, be it for ciphering, signature, authentication purposes, etc. The different components of circuit 1 communicate by means of an internal bus 25 over which data, addresses, and control signals transit. Bus 25 communicates with the outside through input/output ports (not shown). In the example of FIG. 2, a flash memory 3 (FLASH) is connected to bus 25 by these input/output ports.
According to a first example, a secret key is contained in memory 22 and can be used by cryptoprocessor 24 to process secret data contained in external memory 3. In this case, the secret key transits from ROM 22 to processor 24 through bus 25. Now, this bus is accessible through JTAG interface 17′, which introduces a possible flaw in the system security.
According to another example, a key is generated by the microcontroller from: an identifier for example contained in central processing unit 21; digital elements contained in ROM 22; and other cryptographic elements contained, for example, in an additional element 26 (for example, a key conditioning rights of access to certain applications). Here again, the fact for all quantities to pass through bus 25 accessible through JTAG interface 17′ weakens the system in terms of preservation of the secret of the handled quantities.
European patent application EP-A-1443338 provides adding to the JTAG interface a user authentication mechanism to control the access thereto.
A first disadvantage of this technique is that it requires significant hardware resources.
Another disadvantage is that it provides access to the elements to be protected if the user passes the control.